You want to ensure that all requests presenting a client certificate signed by any of the authorities mentioned in the client-ca-file are authenticated with an identity corresponding to the CommonName of the client certificate.
Which of these optional flags in kube-apiserver are you likely to set to achieve this?
- –client-ca-file string
- –cloud-config string
- –cors-allowed-origins stringSlice